IT Security Notifications

In the following we offer you a short list of current security notifications. We make the complete security notifications available to registered customers in the protected area of the KISTERS Service-Portal. By clicking on a notification item below, you will be forwarded to the respetive fulltext version of the notification in the Service-Portal and thereby may be asked to enter your credentials.

Newest first

Log4j artifacts.

We’ve been informed by a customer that one of the delivered Jar files in the KiDSM distribution...

Read more
Water

OpenSSL CVE-2022-2274

Based on the description CVE-2022-2274 and CVE-2022-2097 “Source: CVE: CVE-2022-2274 - CVE-Search, C...

Read more
Water

PHP CVE-2022-31625

The KISTERS solutions are not actively using the method "pg_query_params()" or the "mysqlnd/pdo"...

Read more
Water

Java Spring Framework CVE-2022-22965

A zero-day vulnerability was found in the popular Java Web application development framework Spring

Read more
Water

Apache HTTP Server CVE-2021-44228

CERT-Bund has published a short info on vulnerabilities in the Apache HTTP Server

Read more
Water

XML libexpat CVE-2022-23852

Critical security vulnerability in the "Expat library" for processing XML messages

Read more
Water

H2-Console CVE-2021-42392

Vulnerability in the H2 database console found

Read more
Water

Complete security notifications for the business unit Water in the KISTERS Service-Portal